Deploy MacOS on ESXi

Last week, I needed a virtualized macOS device to test some configurations of UEM.
So I tried to run it on my home lab and found out that it is not so easy to just fire up a VM and mount an ISO.

Below are my findings…

!! WARNING !!
DO NOT USE THIS IN PRODUCTION
!! WARNING !!!

Prerequisites

I believe this will also work with other versions of Mac, ESXi, and vCenter. But these are the versions I used.

  • ESXi 7.0u3d
  • vCenter 7.0u3e
  • MacBook Pro – M1 – MacOS Monterey 12.4

Download macOS

Download macOS with your own MacOS device, Open this link

Press Command-Q to exit the installer

Prepare MacOS installer

Open op the good old terminal on Mac and enter the following commands

# Login as super user
sudo -i

# Create a empty file
hdiutil create -o /tmp/monterey -size 13800.1m -volname monterey -layout SPUD -fs HFS+J

# Mount this empty file
hdiutil attach /tmp/monterey.dmg -noverify -mountpoint /Volumes/monterey

# Create the install media
sudo /Applications/Install\ macOS\ Monterey.app/Contents/Resources/createinstallmedia --volume /Volumes/monterey --nointeraction

# Eject the install media
hdiutil eject -force /volumes/Install\ macOS\ Monterey/

# Convert the DMG to a CDR format (adjust USERNAME in the path below)
hdiutil convert /tmp/monterey.dmg -format UDTO -o /Users/USERNAME/Desktop/monterey.cdr

# Convert the CDR to a ISO format (adjust USERNAME in the path below)
mv /Users/USERNAME/Desktop/Monterey.cdr /User/USERNAME/Desktop/Monterey.iso

# Cleanup the mess we made
rm -rf /tmp/monterey.dmg

Prepare ESXi Host

So we can’t install macOS natively on ESXi, we need to patch VMware-vmx and libvmkctl on the ESXi host to be able to run macOS.

Luckily some easy tools are available, see the following Github repo for more information: shanyungyang/esxi-unlocker: VMware ESXi macOS (github.com)

The source needs to be compiled with python, I did this already and uploaded the pre-compiled version to my GitHub, you can download it from here

If you don’t trust me 😉 you can do it yourself.

Upload ESXi-unlocker-3.0.2.tgz and Monterey.iso to a Datastore that is reachable by the ESXi host.


In my case, I used the folder ISO to put the monterey.iso and unlocker.

Start SSH for the ESXi Host

# Login to ESXi host SSH (do this from the mac terminal)
ssh [email protected]

# Once logged in browse to the datastore / folder where you uploaded the  unlocker, in my case:
cd /vmfs/volumes/NUC0-SSD/ISO/

# Create a folder for the unlocker
mkdir esxi-unlocker

# Unpack the unlocker
tar zxvf esxi-unlocker-302.tgz --directory esxi-unlocker/

# Browse to the unlocker folder
cd esxi-unlocker

# Make all .sh scripts executable
chmod +x *.sh

# Test if unlocker is not already installed - Outcome of this should be: smcPresent = false
./esxi-smctest.sh

# If smcPresent = false, continune and install the VMware Unlocker
./esxi-install.sh

# If the command executed successfully, reboot the ESXi host
reboot

Wait until the ESXi host is booted again and check if smcPreset = true

# Login to ESXi host SSH (do this from the mac terminal)
ssh [email protected]

# Once logged in browse to the datastore / folder where you installed the 
unlocker, in my case:
cd /vmfs/volumes/NUC0-SSD/ISO/esxi-unlocker/

# Test if unlocked is installed - Outcome of this should be: smcPresent = true
./esxi-smctest.sh

Create a new Virtual Machine

Keep all the settings default until you Select a guest OS and size the virtual machine as you like

Select Guest OS Family: Other and Guest OS Version: Apple MacOS 12 (64-bit)

Mount the Monterey iso and fire up the VM!
If everything went good you would see the Apple logo on the virtual machine booting

HOW COOL!

Select the language you want and continue

Fire up Disk Utility

Now continue the normal macOS Setup

FINALLY! Enrolling to UEM

A Disaster happened…..


When I tried to enroll the MacOS VM into UEM and tried to install the profile got Profile installation failed. The most probable cause was due to Device Name the MacOS VM said hi to UEM and did not recognize it as a macOS Machine. Let’s try to fix that!

Turn off the macOS VM, edit the settings, and add the following values to the configuration parameters

serialNumber.reflectHost = FALSE
# Generate your own serial number instead of XXXX, keep the rest the same
serialNumber = C02N49ZVXXXX
hw.model.reflectHost = FALSE
hw.model = MacBookAir6,1
smbios.reflectHost = FALSE

Save all settings and boot up the Virtualized MacOS VM again!

Now enrolling in UEM works nicely!!!

Leave a Reply

Your email address will not be published.

20 + eleven =